Application Security Content on InfoQ

  • Kubernetes Report Finds Increase in Poorly Configured Workloads

    Fairwinds, a provider of Kubernetes software, has released their Kubernetes Benchmark Report 2023. The report shows an overall trend of worsening configuration issues across the surveyed organizations. This includes increases in organizations running workloads allowing root access, workloads without memory limits set, and workloads impacted by image vulnerabilities.

  • Sigstore Releases Python Client

    Sigstore has announced the 1.0 stable release of sigstore-python, a Python-based Sigstore-compatible client. The client provides a CLI as well as an importable Python API. It is able to sign and verify with any Sigstore-supported identity and has ambient identity detection for supported environments.

  • Cloudflare DDoS Report Finds Increase in Attack Volume and Duration

    Cloudflare released its Distributed Denial of Service (DDoS) Threat Report for the fourth quarter of 2022. The report covers the DDoS attack landscape as detected by the Cloudflare network. HTTP DDoS attacks increased 79% year-over-year, with ransom DDoS attacks seeing an increase as well. The report found that longer attacks are increasing, especially among network-layer DDoS attacks.

  • Elastic 8.6 Released with Improvements to Observability, Security, and Search

    Elastic has released Elastic 8.6 with improvements across the entire Elastic Search Platform including Elastic Enterprise Search, Elastic Observability, Elastic Security, and Kibana. The release includes additional connector clients, better observability of dependencies, improvements to alerts generated from prebuilt security rules, and temporary data views.

  • SBOM Quality and Availability Varies Greatly across Projects

    A recent assessment of the quality and availability of SBOMs in open-source repositories found the availability and implementation to vary widely. The OpenSSF's Open Source Software Security Mobilization Plan has a dedicated stream to improving the availability, generation, and consumption of SBOMs.

  • Report Finds Heavy Use of Open-Source Solutions for Kubernetes Security

    A recent survey by Armo on the use of security software solutions with Kubernetes found that over half of respondents leverage open-source tooling. Companies using open-source tooling use on average 3.6 different tools. These open-source tools were predominantly used for service mesh, network policy and micro-segmentation, and misconfiguration scanning.

  • Zero Trust Access to Corporate Applications with AWS Verified Access

    At re:Invent 2022, AWS released a new enterprise application connectivity service, Verified Access. The service provides Zero Trust access to enterprise web applications by employing endpoints and policies to authenticate and authorize user requests against identity providers or device management systems. Verified Access is currently in public preview in 10 AWS regions.

  • Snyk Announces General Availability of Snyk Cloud and Enhancements to its Platform

    Snyk, a developer security platform, recently announced the general availability of their cloud security tool, Snyk Cloud, and improvements to their platform. Extending support for software bill of materials (SBOM), the improvements include new reporting capabilities and self-service resources.

  • Spotify Introduces Kitsune Vulnerability Management Platform

    Spotify recently introduced its security vulnerability management platform, Kitsune. From vulnerability detection through to metrics-based insights, Kitsune manages the overall security vulnerability lifecycle. Kitsune's development started one and a half years ago and it continues to evolve.

  • Heuristic Static Analysis Tool GuardDog Used to Detect Several Malicious PyPI Packages

    GuardDog is a new open-source tool aimed at identifying malicious Python packages using Semgrep and package metadata analysis. Thanks to a set of source code heuristics, GuardDog can detect malicious packages never seen before and has been used to identify several malicious PyPI packages in the wild.

  • Docker Desktop 4.14 Adds Resource Usage Monitor and Vulnerability Discovery

    The latest version of Docker Desktop introduces a number of new features, including a resource usage monitor and vulnerability discovery. Additionally, Docker Desktop 4.14 adopts the latest Docker Engine, Docker Compose, and containerd releases.

  • Sigstore Moves to GA with Enhanced Stability and Reliability

    The Open Source Security Foundation (OpenSSF) has moved Sigstore, an artifact signing and verification technology, into general availability. This announcement sees the Sigstore certificate authority, Fulcio, and transparency log, Rekor, also move into GA with their 1.0 releases. The release brings improved stability and reliability to the services for use within production workloads.

  • Orca Security Report Finds Critical Assets Vulnerable within Three Steps

    A report from Orca Security found security gaps within the assessed cloud environments. These include unencrypted sensitive data, S3 buckets with public READ access, root accounts without multi-factor authentication enabled, and publicly accessible Kubernetes API servers. In addition, they found that the average attack path only requires three steps to reach business-critical data or assets.

  • Quarkus Defends REST APIs against Attack

    Quarkus has published a new release that integrates RESTEasy APIs with a built-in control against CSRF attacks, making web applications more resilient against certain types of fraud.

  • Threat Operations and Research Team Cloudforce One Generally Available

    Cloudflare recently announced that the threat operations and research team Cloudforce One began conducting briefings and is now generally available. Available as an add-on subscription, Cloudforce One includes threat data and briefings, security tools, and the ability to make requests for information (RFIs) to the team.
